Merge pull request #38 from arbet/master

silentworks · silentworks · commit 165dac2b9397 · 2012-09-28T23:45:45.000-07:00
Modified HttpDigestAuth to support multiple usernames and password
diff --git a/Middleware/HttpDigestAuth.php b/Middleware/HttpDigestAuth.php
@@ -10,12 +10,13 @@
  * derivative class is provided under the MIT public license.
  *
  * @author Josh Lockhart <info@slimframework.com>
+ * @author Samer Bechara <sam@thoughtengineer.com>
  * @version 1.0
  *
  * USAGE
  *
  * $app = new Slim();
- * $app->add(new HttpDigestAuth('theUsername', 'thePassword'));
+ * $app->add(new HttpDigestAuth(array('user1' => 'password1', 'user2' => 'password2')));
  *
  * MIT LICENSE
  *
@@ -38,19 +39,11 @@
  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  */
-namespace Slim\Extras\Middleware;
-
-class HttpDigestAuth extends \Slim\Middleware
-{
-    /**
-     * @var string
-     */
-    protected $username;
-
+class HttpDigestAuth extends Slim_Middleware {
     /**
-     * @var string
+     * @var array
      */
-    protected $password;
+    protected $credentials;
 
     /**
      * @var string
@@ -60,15 +53,14 @@ class HttpDigestAuth extends \Slim\Middleware
     /**
      * Constructor
      *
-     * @param   string  $username   The HTTP Authentication username
-     * @param   string  $password   The HTTP Authentication password
+     * @param   array	$credentials	An array of usernames and passwords
      * @param   string  $realm      The HTTP Authentication realm
      * @return  void
      */
-    public function __construct($username, $password, $realm = 'Protected Area')
-    {
-        $this->username = $username;
-        $this->password = $password;
+    public function __construct( $credentials, $realm = 'Protected Area' ) {
+        
+
+        $this->credentials = $credentials;
         $this->realm = $realm;
     }
 
@@ -81,25 +73,24 @@ public function __construct($username, $password, $realm = 'Protected Area')
      *
      * @return void
      */
-    public function call()
-    {
+    public function call() {
         //Check header and header username
-        if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
+        if ( empty($_SERVER['PHP_AUTH_DIGEST']) ) {
             $this->fail();
             return;
         } else {
             $data = $this->parseHttpDigest($_SERVER['PHP_AUTH_DIGEST']);
-            if (!$data || $data['username'] !== $this->username) {
+            if ( !$data || !array_key_exists($data['username'], $this->credentials) ) {
                 $this->fail();
                 return;
             }
         }
 
         //Check header response
-        $A1 = md5($data['username'] . ':' . $this->realm . ':' . $this->password);
+        $A1 = md5($data['username'] . ':' . $this->realm . ':' . $this->credentials[$data['username']]);
         $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
         $validResponse = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
-        if ($data['response'] !== $validResponse) {
+        if ( $data['response'] !== $validResponse ) {
             $this->fail();
             return;
         }
@@ -113,44 +104,25 @@ public function call()
      *
      * @return void
      */
-    protected function fail()
-    {
+    protected function fail() {
         $this->app->response()->status(401);
-        $this->app->response()->header(
-            'WWW-Authenticate',
-            sprintf(
-                'Digest realm="%s",qop="auth",nonce="%s",opaque="%s"',
-                $this->realm,
-                uniqid(),
-                md5($this->realm)
-            )
-        );
+        $this->app->response()->header('WWW-Authenticate', sprintf('Digest realm="%s",qop="auth",nonce="%s",opaque="%s"', $this->realm, uniqid(), md5($this->realm)));
     }
 
     /**
      * Parse HTTP Digest Authentication header
      *
      * @return array|false
      */
-    protected function parseHttpDigest($headerValue)
-    {
-        $needed_parts = array(
-            'nonce' => 1,
-            'nc' => 1,
-            'cnonce' => 1,
-            'qop' => 1,
-            'username' => 1,
-            'uri' => 1,
-            'response' => 1
-        );
+    protected function parseHttpDigest( $headerValue ) {
+        $needed_parts = array('nonce' => 1, 'nc' => 1, 'cnonce' => 1, 'qop' => 1, 'username' => 1, 'uri' => 1, 'response' => 1);
         $data = array();
         $keys = implode('|', array_keys($needed_parts));
         preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $headerValue, $matches, PREG_SET_ORDER);
-        foreach ($matches as $m) {
+        foreach ( $matches as $m ) {
             $data[$m[1]] = $m[3] ? $m[3] : $m[4];
             unset($needed_parts[$m[1]]);
         }
-
         return $needed_parts ? false : $data;
     }
-}
+}
